The purpose of the Annual Security Briefing is to remind and refresh individuals of their safeguarding

and security responsibilities and to promote continuing awareness of good security practices.

The Annual Briefing helps employees develop an appreciation for the need to protect our country’s

national interests. It also underscores the requirements designed to protect sensitive or unclassified

information and keep classified information out of the hands of those who wish us harm.

Upon completion of this briefing please print and sign the

Acknowledgement Form (www.milcorp.com) on the MILtranet

under the Security tab and submit to Security@milcorp.com

or fax to (301) 737-7940.

2

As a Government contractor:

• We are bound by Executive Order 12829, National Industrial Security Program, which establishes rules and regulations to

properly protect and control all classified material in our possession or under our immediate control.

• We have been granted a Facility Clearance by the Defense Industrial Security Clearance Office – a division of the Defense

Security Service (or known as the Cognizant Security Agency).

• Background Investigations are conducted by OPM based upon the employee’s “Need to Know” and the company’s security

requirements imposed by contract (DD254).

• Employees and consultants requiring access to classified information in order to perform work on classified contracts are

granted “eligibility” by DSS and “access” by the Company (in conjunction with the needs of our government client).

Everyone at MIL (cleared or not) has a responsibility to our Nation and

our Company to ensure sensitive or classified material is handled with

the greatest precautions.

3

The DD 441 is the Department of Defense Security Agreement. It is a signed agreement between The MIL Corporation and the US Government that details the security responsibilities of both the cleared organization and the United States Government.

ADHERE TO THE REQUIREMENTS WITHIN NISPOM

(DOD 5220.22-M)

PROVIDE AND MAINTAIN A SYSTEM OF SECURITY CONTROLS

ENSURE ALL REPRESENTATIVES OF THE COMPANY

MAINTAIN A STRICT SECURITY POSTURE

PASS ALL APPROPRIATE SECURITY REVIEWS AND ASSESSMENTS

4

Once we sign the Classified Information Non-Disclosure Agreement (SF312), we are under an obligation of trust and personal responsibility.

LIFELONG AGREEMENT

A SPECIAL TRUST IS PLACED IN YOU

SERIOUS CONSEQUENCES

FOR NON-COMPLIANCE

YOU MUST PROTECT FROM UNAUTHORIZED DISCLOSURE

5

Industrial security relationships are intended to be continuous and provides for the greatest protection of classified and sensitive information.

On-S

ite

Employee Com

pany

Contra

cting

Office

End User

The End User establishes its security context, requirements and needs

The Contracting Officer issues contract with DD 254 (outlining the security Requirements and expectations).

MIL’s FSO and PM evaluate security requirements and determine security parameters to be implemented.

FSO submits required documentation to Government Agency for access authorizations and approvals.

Division VP and PM evaluates and manages contract performance (including security compliance) on site

DSS IS Representative evaluates MIL’s security performance together with the Government security office / PM.

End User’s Security Office evaluates project security performance by contractor

6

America's global engagement makes us a prime target for foreign espionage. It’s not just intelligence

sources that are targeting us. Other sources of the threat to classified and other protected information

include:

• Foreign or multinational corporations

• Foreign government-sponsored educational and scientific institutions

• Freelance agents (some of whom are unemployed former intelligence officers)

• Computer hackers

• Terrorist organizations

• Revolutionary groups

• Extremist ethnic or religious organizations

• Drug syndicates

• Organized crime

7

The increasing value of technology and trade secrets in the global and domestic marketplaces, and the temporary nature of many high-tech employments, have increased both the opportunities and the incentivesfor economic espionage.

Foreign governments’ continued ability to acquire state-of-the-art U.S. technology at little or no expense has undermined U.S. national security by enabling foreign firms to push aside U.S. businesses in the marketplace and by eroding the U.S. military lead.

A clear line must be drawn to protect information that is:

• classified, or

• subject to export controls because it concerns militarily critical technologies, or

• proprietary information that is the intellectual property of a specific firm or individual.

Stay vigilant in handling and safeguarding information that has the potential to be compromised and used against our country.

8

Information gathered and activities conducted to identify, deceive, exploit, disrupt, or protect

against:

• Espionage

• Other intelligence activities

• Sabotage

• Assassinations

Conducted by for or on behalf of:

• Foreign powers

• Foreign organizations

• Foreign persons or their agents

• International terrorist organizations

9

CI Collection Methods:

• Unsolicited / Direct Requests

• Foreign Visits and Targeting

• Exploitation of Relationships

• Suspicious Network Activity

• Academic Solicitation

• Seeking Employment

• Targeting U.S. Travelers Overseas

• Insider Threat

10

Unsolicited and/or direct requests of CI include:

• Business development activities commonly receive inquiries from foreign entities seeking

information or technology.

• Most frequently utilized basic collection method.

• Low risk/high yield for requestor.

• Originate via e-mail, web card submission, telephone, fax, and mail.

• From foreign companies, government officials, organizations, or any unauthorized

individual.

11

If you feel you are being solicited for information:

• Practice authorized responses to questions concerning your duties.

• Never feel obligated to answer questions which make you feel awkward.

• Change any conversation that might be too probing with respect to your duties, private life, and coworkers.

• Be observant; try to note as much as possible about the person asking questions.

• Maintain professional composure.

• Obtain contact information for individual in a non-probing manner.

• Report and provide as much information as possible about the encounter.

12

Where to report:

• Your Facility Security Officer or Manager

• Your SSO on-site

• If Overseas: Nearest U.S. Embassy or Consulate

13

Your Badge must be replaced or reissued if:

• Your name changes

• Your physical appearance changes

• Your badge is faded or damaged

Badge Cautions

• It is illegal to counterfeit, alter, or misuse your badge.

• Do not use your badge outside of MIL facilities, UNLESS it is for an official government purpose.

• Remove your badge when you are offsite. DO NOT wear it in public places.

Other Badge Reminders

• Protect your badge from theft when you are offsite.

• Report the loss or theft of your badge IMMEDIATELY to your Program Manager AND FSO (301) 866-2005 or (202) 779-2270.

• Your badge must be returned to the FSO or AFSO if it has expired, is no longer required, or upon your termination.

14

There are some items that are prohibited from Security Areas (any area requiring a badge to enter)

based on Federal law or regulation. These items are defined as Prohibited Items.

Prohibited Items

The introduction, transportation, or possession of weapons, explosives or other instruments likely to

produce substantial injury to persons or property are prohibited. This restriction includes:

• Explosives or explosive devices

• Dangerous weapons or simulated weapons

• Controlled substances (e.g., illegal drugs and associated paraphernalia but not prescription

medicine)

• Any other items prohibited by law. Specific information covering prohibited items may be found

under the provisions of 10 Code of Federal Regulations (CFR) 860 and 41 CFR 101-19.3.

15

Certain government or privately-owned items that are designated “Controlled Items” are not allowed in

certain Security Areas.

Controlled Items

• Government and privately-owned portable electronic devices that are capable of recording information

or transmitting data (e.g., radio transmitters, personal data assistants (PDAs), personal laptop

computers, BlackBerry Devices, two-way pagers, cell phones) are not allowed in Limited Areas,

Exclusion Areas, Protected Areas, Material Access Areas, or other sensitive areas as designated by the

facility, without authorization.

Authorization for use of such devices in one security area does not apply to all other security areas.

16

1. Intelligence sources are our only threat to National Security.

___ True

___ False

2. Upon your termination or retirement you may keep your security photo badge.

___ True

___ False

3. BlackBerry devices, cell phones, laptop computers are examples of Controlled Items.

___ True

___ False

4. You have 3 days to report a lost or stolen security badge.

___ True

___ False

17

1. The answer is FALSE.

Security Threats can come in the form non-intelligence sources, like computer hackers, terrorist organizations, drug syndicates and organized crime.

2. The answer is FALSE.

You are not allowed to keep your Badge upon termination.

3. The answer is TRUE.

BlackBerry devices, cell phones, laptop computers are examples of Controlled Items.

4. The answer is FALSE.

The reporting requirements of “Lost or Stolen Badges” is immediately to the cognizant security

authority.

18

• When you completed your original Questionnaire for National Security Positions (SF-86),

a public trust (SF-85) or when a renewal of your clearance was requested, you were

made aware of your responsibility to report certain personal information. Those reporting

responsibilities are ongoing.

• You should also be familiar with and observe local Government or Federal Agency

requirements for reporting responsibilities, while onsite at the Client or Customer’s

location.

• Upon completing this module, you will understand your individual reporting requirements.

19

Remember that whether an individual (Employee, Contractor, Subcontractor, etc.) holds a clearance or is in the process of obtaining a clearance, he or she is required to report certain personal information. This information is to be reported within 2 days by phone and 3 days by written notification, unless noted otherwise.

Reporting requirements include:

• Arrests – Report all arrests, including charges that were dismissed.

• Criminal Charges - Report all criminal charges including felony, misdemeanor, public and petty offenses as defined in the statutes of any state.

• Detention by Law Enforcement - Report any detention by federal, state or other law enforcement authority for violation of law. The only exception to this reporting requirement is detention for a simple traffic stop.

• Traffic Violations - Report any traffic violations for which you receive a fine of $300 or more unless the traffic violation is alcohol or drug related. Any traffic violation that is alcohol or drug related must be reported regardless of the amount.

20

Reporting requirements cont.:

Ongoing Contact with Foreign Nationals – Report employment or business-related associations with any foreign national or employees/representatives of a foreign-owned interest.

Hospitalization - Report hospitalization for: treatment of mental illness or other mental condition; treatment for alcohol or drug abuse; any condition that may cause a significant defect in your judgment or reliability.

Bankruptcy - Report any time you file for personal or business-related bankruptcy.

Wage Garnishment - Report all wage garnishments including but not limited to divorce, delinquent debts or child support.

Foreign Travel - Report any time you travel outside of the CONUS, whether personal or business-related.

Cyber Intrusions – Report any action that indicate actual, probable or possible espionage, sabotage, terrorism, or subversive activities against information systems.

21

The following requirements must also be reported:

Change of Marital Status - Report marriage or cohabitation within 45 days.

Name Changes - Report all legal name changes.

Change of Citizenship - If you are a U.S. citizen who changes citizenship or acquires dual citizenship, you must

report this change to Personnel Security and Counterintelligence.

22

General Security Reporting Requirements

You are also required to report immediately, in person or by secure phone,

incidents of security concern, especially when you become aware that

classified matter or Unclassified Controlled Information has been, or may

have been, lost or compromised. Report to the following:

FSO, Tesfaye Swanson

4000 Mitchellville Road, Suite A208

Bowie, MD 20716

(301) 866-2005 tswanson@milcorp.com

or

AFSO, Sue Abell

46655 Expedition Drive, Suite 100

Lexington Park, MD 20653

(301) 866-2014 sabell@milcorp.com

Waste, fraud and abuse, whether a crime is involved or not, must be reported to the

FSO at the addresses above.

23

Defense Hotline The Pentagon Washington, DC 20301-1900 (800) 424-9098

NRC Hotline U.S. Nuclear Regulatory Commission Office of the Inspector General Mail Stop TSD 28 Washington, D.C. 20555-0001 (800) 233-3497

CIA Hotline

Office of the Inspector General

Central Intelligence Agency

Washington, D.C. 20505

(703) 874-2600

DOE Hotline

Department of Energy

Office of the Inspector General

1000 Independence Avenue,

S.W. Room 5A235

Washington, D.C. 20585

(202) 586-4073

(800) 541-1625

24

1. A traffic violation of $300, or less if it is drug or alcohol-related, must be reported verbally within 2

days.

___ True

___ False

2. Marriage or cohabitation with a person in a spouse-like relationship must be reported within 45

days.

___ True

___ False

3. Waste, fraud and abuse only has to be reported if a crime is involved.

___ True

___ False

25

Did you choose the correct answer for each question?

1. The answer is TRUE.

All drug and alcohol related violations must be reported verbally to the FSO within two days.

2. The answer is TRUE.

Marriage or cohabitation must be reported within 45 days.

NOTE: A cohabitant is a person who lives with the individual in a spouse-like relationship or with a bond of affection, but is not the individual’s legal spouse, child, or other relative (in-laws, mother, father, brother, sister, etc.).

3. The answer is FALSE.

All waste, fraud and abuse must be immediately reported to the FSO.

26

When you have completed this module, you will be able to identify the classified and

unclassified controlled information security requirements presented in the following sections

of this module:

• Classified Information

• Access to Classified Material

• Categories and Levels of Classification

• Accountability for Classified Material

• Sensitive But Unclassified

27

Classification is the identification of information that needs to be

protected in the interest of national security.

Classified information— regardless of physical form or

characteristics—is considered classified if it requires protection

against unauthorized disclosure in the interest of National Security.

Classified information may only be shared or communicated in a

location approved for classified discussions and only by approved

secure/classified means; e.g., secure telephone or secure fax.

28

• Is a communication or physical transfer of classified or unclassified controlled information or material to an unauthorized recipient.

• Could potentially cause damage or irreparable injury to the United States.

• Can occur when an individual intends to transfer information/material, or by negligence.

Unauthorized Disclosure

• Termination of Security Clearance.

• Removal from any position of special confidence and trust requiring clearance.

• Termination of employment.

• Punishment under criminal prosecution.

• Money fines.

Penalties for unauthorized disclosure

29

• The first requirement for allowing access to classified material is that the recipient must have a security clearance. As a person who holds a security clearance, you are personally responsible for all classified material entrusted to you.

• The second requirement is “the need-to-know.” You need access to the information in order to perform official duties.

• The third requirement you must fulfill in order to have access to classified information is to sign the SF-312. The SF-312 is a contractual agreement between you and the United States Government, in which you agree to protect classified information according to Federal Government regulations, to only allow access of classified information to authorized individuals, and to never disclose classified information to an unauthorized person. You signed this form after completing the Initial Security Briefing.

• All individuals who are granted a security clearance receive an initial security education briefing that includes safeguards, security awareness, and protection and control of classified and Unclassified Controlled Information.

CLEARANCE + NEED TO KNOW = ACCESS

30

Information which pertains to the national defense or foreign relations (National Security) of the United States and has been classified in accordance with Executive Order 12958.

31

32

The appropriate cover sheets must be used any time a classified document is removed from a safe, vault, or vault-

type room. The purpose of a classified cover sheet is to prevent unauthorized visual access, serve as an

immediate identifier that the attached document or material is classified, and identify the classification level of the

document.

Classified cover sheets are identified as follows:

33

Accountability for Classified Material

Certain classified material (i.e., paper, electronic, parts) requires stricter controls to prevent unauthorized access to or removal of classified material. These controls include a system of procedures that provide an audit trail and a chain of custody. Classified material requiring a control system and accountability are:

• Top Secret material

• Secret material stored outside a Limited Area (or higher)

• Any material that requires accountability because of national, international, or programmatic requirements (e.g., designated Special Access Programs, Sigma 14, designated COMSEC, etc.)

• Classified Removable Electronic Media (CREM) such as removable hard drives, laptops, compact disks (CDs), digital video discs (DVDs), etc., containing Secret/Restricted Data or higher classification

34

Classified information:

• Must never be left unattended

• Must never be discussed in public places

• Must be discussed on secure telephones or sent via secure faxes

• Must be under the control of an authorized person

• Must never be disclosed to unauthorized (or un-cleared) persons

• Must be transmitted in a manner that prevents loss or unauthorized access

• Stored in an approved GSA storage container

• Never be processed on a computer unless approved by the appropriate authority

• Never place classified materials in unclassified distribution boxes

• Never co-mingle classified and unclassified in distribution boxes or within your work area

35

Sensitive But Unclassified (SBU) - though unclassified, requires strict controls over distribution

(e.g., For Official Use Only, Law Enforcement Sensitive, Sensitive Homeland Security Information,

Security Sensitive Information, Critical Infrastructure Information).

Sensitive Security Information (SSI) - obtained in the conduct of security activities whose public

disclosure would harm transportation security, be an unwarranted invasion of privacy, or reveal trade

secrets or privileged or confidential information.

UNCLASSIFIED/FOUO- treated as confidential, which means it cannot be discarded in the open

trash, made available to the general public, or posted on an uncontrolled website (can include

personally identifying information such as passport and Social Security numbers).

36

All classified information shall be marked to reflect the source of the classification and declassification

instructions per 4-208 of the NISPOM (National Industrial Security Operating Manual). Documents

shall show the required information either on the cover, first page, title page, or in another prominent

position. Other material shall show the required information on the material itself or, if not practical, in

related or accompanying documentation.

a. "DERIVED FROM" Line.

The purpose of the "Derived From" line is to link the derivative classification applied to the material by the contractor and the source

document(s) or classification guide(s) under which it was classified. In completing the "Derived From" line, the contractor shall

identify the applicable guidance that authorizes the classification of the material. Normally this will be a security classification guide

listed on the Contract Security Classification Specification or a source document.

b. "DECLASSIFY ON" Line.

The purpose of the "Declassify On" line is to provide declassification instructions appropriate for the material. When completing this

line, the contractor shall use the information specified in the Contract Security Classification Specification or classification guide

furnished with a classified contract. Or, the contractor shall carry forward the duration instruction from the source document or

classification guide (e.g., date or event).

37

c. "DOWNGRADE TO" Line.

When downgrading instructions are contained in the Contract Security Classification Specification, classification guide or source

document a "Downgrade To" line will be included.

d. "CLASSIFIED BY" Line and "REASON CLASSIFIED" Line.

As a general rule, a "Classified By" line and a "Reason Classified" line will be shown only on originally classified documents.

However, certain agencies may require that derivatively classified documents contain a "Classified By" line to identify the derivative

classifier and a "Reason Classified" Line to identify the specific reason for the derivative classification. Instructions for the use of

these lines will be included in the security classification guidance provided with the contract.

A Derivative Classification course and Refresher course is required once every two years as outlined

in Executive Order 13526, DoD Manual 5200.01, Vol. 3, DoD Information Security Program, and DoD

5220.22-M, National Industrial Security Program Operating Manual (NISPOM). Students will be able

to refresh their knowledge regarding the responsibilities and general principles associated with

derivatively classifying information. Contact Security@milcorp.com for information on the Derivative

Classification course and Refresher course.

38

1. Classified information or material is structured into which three categories?

a. Top Secret, Secret, Confidential

b. National Security Information, Formerly Restricted Data, Restricted Data

c. Confidential Information, Top Secret information, National Security

Information

2. Which of the following is necessary in order to access classified information?

a. The correct clearance level

b. The need to know

c. Signed SF-312

d. All of the above

3. If it is unclassified, then there are no restrictions on handling and distribution.

___ True

___ False

4. A Derivative Classification course and Refresher course is required once every two years.

___ True

___ False

39

1. The answer is A. Top Secret, Secret and Confidential are the three categories of classified information.

2. If you answered “All of the above” then you are correct. To access classified information you must have the

correct clearance level, need-to-know and have signed the Classified Information Nondisclosure Agreement,

(SF 312).

3. The answer is FALSE.

Sensitive but unclassified information requires specific handling and distribution procedures. If you are unsure of the

status of the information you are dealing with, asked you supervisor, local security representative or Program

Manager. Don’t distribute or share until you know the status of the information you are working with!

4. The answer is TRUE.

A Derivative Classification course and Refresher course is required once every two years as outlined in Executive

Order 13526, DoD Manual 5200.01, Vol. 3, DoD Information Security Program, and DoD 5220.22-M, National

Industrial Security Program Operating Manual (NISPOM).

40

In this module you learn the importance of Operations

Security (OPSEC) and the reason for the program. You will

see the importance of your participation in such a program

and what exactly you can do.

You will be reminded of Cyber Security and to be wary of

suspicious e-mails.

41

What is OPSEC?

OPSEC is a process focused on protecting critical and sensitive

information by:

• Identifying threats and vulnerabilities which can be exploited by an adversary,

• Identifying and assessing the risk, and

• Developing and implementing countermeasures.

We, as individual employees, are the ones who implement the security measures used to protect classified and Unclassified Controlled Information (UCI).

Information released to the public in any form, (documents, e-mails, web pages, any form of media, etc.) may be of benefit to those who may:

• Target our facilities or sites for terrorist attack

• Use the information to develop weapons of mass destruction

• Commit acts detrimental to the U.S. national security, citizens, or property

• Practice intelligence gathering (hostile and friendly governments) of our technical information in order to gain an advantage over the U.S. in the economic, scientific and technical arenas

42

What can I do, to do my part?

• Use passwords to access your government computers

• Destroy Unclassified Controlled Information (UCI) in an approved strip shredder

• Do not transmit sensitive information without following proper security procedures

• Do not discuss UCI or classified information in public

• Limit distribution of UCI (need-to-know)

• Guard against phone calls seeking personal and sensitive information

• Use appropriate markings on UCI and classified correspondence

• Watch possible inadvertent ways in which we release information

• Be aware of possible ways in which an adversary can collect information in an open environment (e.g., overheard conversations, notes left in open vehicles, etc.)

• Practice “need-to-know”43

• The Information Technology (IT) Program establishes

requirements for protecting information and information systems.

These requirements include provisions for ensuring that the

protection is commensurate with the risk and damage that could

result from the loss, misuse, disclosure or unauthorized

modification of information that is processed, stored or

transmitted using any information system.

Unclassified Computer Systems

• Unclassified computer systems MUST NOT be used to process

classified information. Classified information must be processed

ONLY on accredited information systems in a designated

security area, such as a Limited Area. Unclassified Controlled

Information (UCI) must be processed according to site level

requirements.44

Be wary of e-mail attachments.

There are some basic principles to follow when using e-mail systems

at work. Handle e-mails from an unknown source cautiously. Ensure

the sender is a reliable source before clicking on a link embedded in

the e-mail.

DO NOT OPEN E-MAILS FROM A SUSPICIOUS SOURCE;

DELETE THEM.

Summary Cyber Security Tips

• Be wary of e-mail attachments • Don’t assume that e-mail is secure• Do not open spam (disruptive, commercial or unwanted e-mails) or

respond to e-mail solicitations (phishing) for personal information

• Do not attempt to verify the source of an e-mail by responding to the e-mail

45

1.) I can do my part in OPSEC by

a. ___ Practicing need-to-know

b. ___ Do not discuss UCI or classified information in public area

c. ___ Limit distribution of UCI (need-to-know)

d. ___ All of the above

2.) If you receive a suspicious e-mail, you should delete it instead of opening the e-mail.

a. ___ True

b. ___ False

46

1.) The correct answer is “All of the Above.” To ensure the protection of classified matter and

other “critical” program elements you have to practice need-to-know; when and where to

discuss and distribute classified or UCI.

2.) The answer is TRUE. You should always delete suspicious e-mails instead of opening them.

Reference: This assumption is a basic principle of Cyber Security.

47

Disciplinary Actions:

• The most frequent type of security violation that occurs is unintentional and caused by human error.

Continuous security awareness is our most effective means of minimizing these types of violations. Following

are some common human errors noted throughout industry:

• A safe or cabinet approved to store classified material is left unlocked and unattended. (Always check to see

that the container is locked prior to leaving the area).

• Classified material is hurriedly placed in a desk drawer when someone not authorized to see it approaches,

and then inadvertently, left there overnight or longer. (Either keep the material with you or return it to the

approved storage container).

• Classified information is inadvertently entered into a computer system not approved for classified processing,

or into an unclassified document. (Be thoroughly familiar with the classification of the information you are

working with).

48

Disciplinary Actions Cont.:

• Information believed to be unclassified is downloaded from a classified computer system onto a diskette, tape

or paper. It is not reviewed properly by the person responsible and is later found to contain classified

information. Prior to the classified contents being discovered, the media has been handled as unclassified and

has been accessed by unauthorized persons, and/or sent out of the facility as unclassified material.

• Classified material being hand-carried to or from another location is left unattended in a vehicle, hotel room, or

stored in a hotel or private residence.

• (Never transmit classified material by hand-carrying unless absolutely necessary).

• Classified material is provided to an individual that is not cleared, has not been approved for access at that

level or has a need-to-know. (Never provide classified material to anyone until you are assured that person is

has the appropriate clearance and a need-to-know; always ask and check first).

49

Disciplinary action taken will be based upon a review of each case’s own merits. The seriousness of the violation

will be determined by whether a compromise, suspected compromise, or loss of classified information has

occurred, or if it was only administrative in nature.

The company’s disciplinary action may be any one of the following depending upon the above factors:

• First Offense – Employee will be counseled and re-briefed on the protocol for handling classified material

appropriately.

• Second Offense - Employee will receive a write up/counseling report to be kept on file and be placed on

probationary period of no less than 90 days.

• Third Offense – Employee will have current clearance administratively withdrawn and a recommendation to

his/her direct supervisor for disciplinary action will be made.

50

In Summary:

• Ensure classified information and UCI are appropriately protected and controlled.

• Ensure need-to-know criteria for both classified and UCI are met prior to providing anyone access.

In addition, the recipient of classified information must possess the appropriate access

authorization (Secret or Top Secret Clearance).

• Ensure any document prepared in a potentially classified subject area is reviewed for classification

BEFORE publication and distribution.

• Know the security requirements for the area(s) you work in or visit, and follow site guidance for

prohibited and controlled items restrictions.

• Contact your site security office for guidance or questions regarding any security-related matter

(e.g., physical, cyber, personnel, information, classification, etc.).

51

Always report Suspicious behavior immediately:

• A lost or stolen badge, bankruptcy, garnishment of wages, legal name change, criminal charge and

arrest, treatment for alcohol or substance abuse.

• Discovery of an actual or potential incident of security concern (e.g., potential or actual

compromise of classified or UCI).

• Waste, fraud, abuse or criminal acts.

• Potential espionage or terrorism-related concerns.

52

• What is MIL’s Greatest Security Weakness?

• What is MIL’s Greatest Threat?

• Who can MIL trust to ensure that good security policy and procedures are adhered to?

Anyone of Us!

All of Us!

53

Once you have reviewed this briefing, print off and sign the acknowledgement form.

• Forward a copy of the signed form to the security@milcorp.com or fax to (301) 737-7940.

• Remember: this signed form is used as an acknowledgement during inspection purposes to

demonstrate that you have reviewed the information on an annual basis. It also confirms your

acknowledgement to aggressively implement and enforce mil’s security posture.

54

THANK YOU!

55